diff --git a/src/dtls.c b/src/dtls.c index 17e8b1b4c20..20023329d3f 100644 --- a/src/dtls.c +++ b/src/dtls.c @@ -857,9 +857,9 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch) nonConstSSL->options.tls1_1 = 1; nonConstSSL->options.tls1_3 = 1; - XMEMCPY(nonConstSSL->session->sessionID, ch->sessionId.elements, - ch->sessionId.size); - nonConstSSL->session->sessionIDSz = (byte)ch->sessionId.size; + /* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty + * legacy_session_id_echo. Don't copy the client's session ID. */ + nonConstSSL->session->sessionIDSz = 0; nonConstSSL->options.cipherSuite0 = cs.cipherSuite0; nonConstSSL->options.cipherSuite = cs.cipherSuite; nonConstSSL->extensions = parsedExts; diff --git a/src/ssl_sess.c b/src/ssl_sess.c index e1c3cab7b73..5501c5cc2dd 100644 --- a/src/ssl_sess.c +++ b/src/ssl_sess.c @@ -1142,10 +1142,8 @@ static int CheckSessionMatch(const WOLFSSL* ssl, const WOLFSSL_SESSION* sess) XMEMCMP(ssl->sessionCtx, sess->sessionCtx, sess->sessionCtxSz) != 0)) return 0; #endif -#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) if (IsAtLeastTLSv1_3(ssl->version) != IsAtLeastTLSv1_3(sess->version)) return 0; -#endif return 1; } @@ -1553,12 +1551,11 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session) ssl->options.resuming = 1; ssl->options.haveEMS = (ssl->session->haveEMS) ? 1 : 0; -#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \ - defined(HAVE_SESSION_TICKET)) - ssl->version = ssl->session->version; - if (IsAtLeastTLSv1_3(ssl->version)) - ssl->options.tls1_3 = 1; -#endif + if (ssl->session->version.major != 0) { + ssl->version = ssl->session->version; + if (IsAtLeastTLSv1_3(ssl->version)) + ssl->options.tls1_3 = 1; + } #if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \ (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) ssl->options.cipherSuite0 = ssl->session->cipherSuite0; @@ -2601,11 +2598,8 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p) for (i = 0; i < sess->chain.count; i++) size += OPAQUE16_LEN + sess->chain.certs[i].length; #endif -#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \ - defined(HAVE_SESSION_TICKET)) /* Protocol version */ size += OPAQUE16_LEN; -#endif #if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \ (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) /* cipher suite */ @@ -2681,11 +2675,8 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p) idx += sess->chain.certs[i].length; } #endif -#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \ - defined(HAVE_SESSION_TICKET)) data[idx++] = sess->version.major; data[idx++] = sess->version.minor; -#endif #if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \ (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) data[idx++] = sess->cipherSuite0; @@ -2854,8 +2845,6 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess, idx += length; } #endif -#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \ - defined(HAVE_SESSION_TICKET)) /* Protocol Version */ if (i - idx < OPAQUE16_LEN) { ret = BUFFER_ERROR; @@ -2863,7 +2852,6 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess, } s->version.major = data[idx++]; s->version.minor = data[idx++]; -#endif #if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \ (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) /* Cipher suite */ @@ -3176,10 +3164,8 @@ static void SESSION_ex_data_cache_update(WOLFSSL_SESSION* session, int idx, if (cacheSession && cacheSession->sessionIDSz == ID_LEN && XMEMCMP(id, cacheSession->sessionID, ID_LEN) == 0 && session->side == cacheSession->side - #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) && (IsAtLeastTLSv1_3(session->version) == IsAtLeastTLSv1_3(cacheSession->version)) - #endif ) { if (get) { if (getRet) { @@ -3604,10 +3590,7 @@ void SetupSession(WOLFSSL* ssl) #ifndef NO_ASN_TIME session->bornOn = LowResTimer(); #endif -#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \ - defined(HAVE_SESSION_TICKET)) session->version = ssl->version; -#endif #if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \ (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) session->cipherSuite0 = ssl->options.cipherSuite0; diff --git a/src/tls.c b/src/tls.c index 52cc005a4a3..b854b8f8cd5 100644 --- a/src/tls.c +++ b/src/tls.c @@ -12198,7 +12198,6 @@ static int TLSX_PreSharedKey_Parse(WOLFSSL* ssl, const byte* input, } list->chosen = 1; - #ifdef HAVE_SESSION_TICKET if (list->resumption) { /* Check that the session's details are the same as the server's. */ if (ssl->options.cipherSuite0 != ssl->session->cipherSuite0 || @@ -12209,7 +12208,6 @@ static int TLSX_PreSharedKey_Parse(WOLFSSL* ssl, const byte* input, return PSK_KEY_ERROR; } } - #endif return 0; } diff --git a/src/tls13.c b/src/tls13.c index 32428b2114f..4741adb6952 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -4574,8 +4574,8 @@ int SendTls13ClientHello(WOLFSSL* ssl) } #endif /* WOLFSSL_DTLS */ -#ifdef HAVE_SESSION_TICKET if (ssl->options.resuming && + ssl->session->version.major != 0 && (ssl->session->version.major != ssl->version.major || ssl->session->version.minor != ssl->version.minor)) { #ifndef WOLFSSL_NO_TLS12 @@ -4594,7 +4594,6 @@ int SendTls13ClientHello(WOLFSSL* ssl) return VERSION_ERROR; } } -#endif suites = WOLFSSL_SUITES(ssl); if (suites == NULL) { @@ -4648,6 +4647,13 @@ int SendTls13ClientHello(WOLFSSL* ssl) ssl->session->sessionIDSz = 0; ssl->options.tls13MiddleBoxCompat = 0; } +#endif +#ifdef WOLFSSL_DTLS13 + if (ssl->options.dtls) { + /* RFC 9147 Section 5: DTLS implementations do not use the + * TLS 1.3 "compatibility mode" */ + ssl->options.tls13MiddleBoxCompat = 0; + } #endif GetTls13SessionId(ssl, NULL, &sessIdSz); args->length += (word16)sessIdSz; @@ -5591,8 +5597,17 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } else #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */ +#if defined(WOLFSSL_QUIC) || defined(WOLFSSL_DTLS13) + if (0 #ifdef WOLFSSL_QUIC - if (WOLFSSL_IS_QUIC(ssl)) { + || WOLFSSL_IS_QUIC(ssl) +#endif +#ifdef WOLFSSL_DTLS13 + || ssl->options.dtls +#endif + ) { + /* RFC 9147 Section 5.3 / RFC 9001 Section 8.4: DTLS 1.3 and QUIC + * ServerHello must have empty legacy_session_id_echo. */ if (args->sessIdSz != 0) { WOLFSSL_MSG("args->sessIdSz != 0"); WOLFSSL_ERROR_VERBOSE(INVALID_PARAMETER); @@ -5600,7 +5615,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } } else -#endif /* WOLFSSL_QUIC */ +#endif /* WOLFSSL_QUIC || WOLFSSL_DTLS13 */ if (args->sessIdSz != ssl->session->sessionIDSz || (args->sessIdSz > 0 && XMEMCMP(ssl->session->sessionID, args->sessId, args->sessIdSz) != 0)) { @@ -6563,6 +6578,7 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie) word16 length; int keyShareExt = 0; int ret; + byte sessIdSz; ret = TlsCheckCookie(ssl, cookie->data, (byte)cookie->len); if (ret < 0) @@ -6587,7 +6603,13 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie) return ret; /* Reconstruct the HelloRetryMessage for handshake hash. */ - length = HRR_BODY_SZ - ID_LEN + ssl->session->sessionIDSz + + sessIdSz = ssl->session->sessionIDSz; +#ifdef WOLFSSL_DTLS13 + /* RFC 9147 Section 5.3: DTLS 1.3 must use empty legacy_session_id. */ + if (ssl->options.dtls) + sessIdSz = 0; +#endif + length = HRR_BODY_SZ - ID_LEN + sessIdSz + HRR_COOKIE_HDR_SZ + cookie->len; length += HRR_VERSIONS_SZ; /* HashSz (1 byte) + Hash (HashSz bytes) + CipherSuite (2 bytes) */ @@ -6614,10 +6636,10 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie) XMEMCPY(hrr + hrrIdx, helloRetryRequestRandom, RAN_LEN); hrrIdx += RAN_LEN; - hrr[hrrIdx++] = ssl->session->sessionIDSz; - if (ssl->session->sessionIDSz > 0) { - XMEMCPY(hrr + hrrIdx, ssl->session->sessionID, ssl->session->sessionIDSz); - hrrIdx += ssl->session->sessionIDSz; + hrr[hrrIdx++] = sessIdSz; + if (sessIdSz > 0) { + XMEMCPY(hrr + hrrIdx, ssl->session->sessionID, sessIdSz); + hrrIdx += sessIdSz; } /* Restore the cipher suite from the cookie. */ @@ -6630,7 +6652,7 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie) hrr[hrrIdx++] = 0; /* Extensions' length */ - length -= HRR_BODY_SZ - ID_LEN + ssl->session->sessionIDSz; + length -= HRR_BODY_SZ - ID_LEN + sessIdSz; c16toa(length, hrr + hrrIdx); hrrIdx += 2; @@ -7055,9 +7077,20 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (sessIdSz + args->idx > helloSz) ERROR_OUT(BUFFER_ERROR, exit_dch); - ssl->session->sessionIDSz = sessIdSz; - if (sessIdSz > 0) - XMEMCPY(ssl->session->sessionID, input + args->idx, sessIdSz); +#ifdef WOLFSSL_DTLS13 + /* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty + * legacy_session_id_echo. Don't store the client's value so it + * won't be echoed in SendTls13ServerHello. */ + if (ssl->options.dtls) { + ssl->session->sessionIDSz = 0; + } + else +#endif + { + ssl->session->sessionIDSz = sessIdSz; + if (sessIdSz > 0) + XMEMCPY(ssl->session->sessionID, input + args->idx, sessIdSz); + } args->idx += sessIdSz; #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT @@ -7630,10 +7663,21 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType) WOLFSSL_BUFFER(ssl->arrays->serverRandom, RAN_LEN); #endif - output[idx++] = ssl->session->sessionIDSz; - if (ssl->session->sessionIDSz > 0) { - XMEMCPY(output + idx, ssl->session->sessionID, ssl->session->sessionIDSz); - idx += ssl->session->sessionIDSz; +#ifdef WOLFSSL_DTLS13 + if (ssl->options.dtls) { + /* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty + * legacy_session_id_echo. */ + output[idx++] = 0; + } + else +#endif + { + output[idx++] = ssl->session->sessionIDSz; + if (ssl->session->sessionIDSz > 0) { + XMEMCPY(output + idx, ssl->session->sessionID, + ssl->session->sessionIDSz); + idx += ssl->session->sessionIDSz; + } } /* Chosen cipher suite */ diff --git a/tests/api.c b/tests/api.c index 5818a69bc43..a20fbfbf997 100644 --- a/tests/api.c +++ b/tests/api.c @@ -4559,12 +4559,12 @@ static WC_INLINE int test_ssl_memio_write_cb(WOLFSSL *ssl, char *data, int sz, * "Import from Hex Dump..." option ion and selecting the TCP * encapsulation option. */ char dump_file_name[64]; - WOLFSSL_BIO *dump_file; + XFILE dump_file; sprintf(dump_file_name, "%s/%s.dump", tmpDirName, currentTestName); - dump_file = wolfSSL_BIO_new_file(dump_file_name, "a"); - if (dump_file != NULL) { - (void)wolfSSL_BIO_write(dump_file, data, sz); - wolfSSL_BIO_free(dump_file); + dump_file = XFOPEN(dump_file_name, "ab"); + if (dump_file != XBADFILE) { + (void)XFWRITE(data, 1, (size_t)sz, dump_file); + XFCLOSE(dump_file); } } #endif @@ -30950,10 +30950,7 @@ static int test_short_session_id_ssl_ready(WOLFSSL* ssl) /* Setup the session to avoid errors */ ssl->session->timeout = (word32)-1; ssl->session->side = WOLFSSL_CLIENT_END; -#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \ - defined(HAVE_SESSION_TICKET)) ssl->session->version = ssl->version; -#endif /* Force a short session ID to be sent */ ssl->session->sessionIDSz = 4; #ifndef NO_SESSION_CACHE_REF diff --git a/tests/api/test_dtls.c b/tests/api/test_dtls.c index fd38206e72a..5bd296fcbf2 100644 --- a/tests/api/test_dtls.c +++ b/tests/api/test_dtls.c @@ -2727,3 +2727,90 @@ int test_dtls13_min_rtx_interval(void) #endif return EXPECT_RESULT(); } + +/* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty + * legacy_session_id_echo, even if the ClientHello had a non-empty + * legacy_session_id. */ +int test_dtls13_no_session_id_echo(void) +{ + EXPECT_DECLS; +#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) && \ + defined(HAVE_SESSION_TICKET) + struct test_memio_ctx test_ctx; + WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; + WOLFSSL *ssl_c = NULL, *ssl_s = NULL; + WOLFSSL_SESSION *sess = NULL; + char readBuf[1]; + /* Use traditional groups to avoid HRR from PQ key share mismatch */ + int groups[] = { + WOLFSSL_ECC_SECP256R1, + WOLFSSL_ECC_SECP384R1, + }; + + /* First connection: complete a DTLS 1.3 handshake to get a session */ + XMEMSET(&test_ctx, 0, sizeof(test_ctx)); + ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, + wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0); + ExpectIntEQ(wolfSSL_set_groups(ssl_c, groups, 2), WOLFSSL_SUCCESS); + ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); + + /* Read to process any NewSessionTicket */ + ExpectIntEQ(wolfSSL_read(ssl_c, readBuf, sizeof(readBuf)), -1); + ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); + + ExpectNotNull(sess = wolfSSL_get1_session(ssl_c)); + + /* Ensure the session has a non-empty session ID so the ClientHello + * will have a populated legacy_session_id field (which is legal per + * RFC 9147). */ + if (sess != NULL && sess->sessionIDSz == 0) { + sess->sessionIDSz = ID_LEN; + XMEMSET(sess->sessionID, 0x42, ID_LEN); + } + + wolfSSL_free(ssl_c); ssl_c = NULL; + wolfSSL_free(ssl_s); ssl_s = NULL; + wolfSSL_CTX_free(ctx_c); ctx_c = NULL; + wolfSSL_CTX_free(ctx_s); ctx_s = NULL; + + /* Second connection: set the session on the client so the ClientHello + * contains a non-empty legacy_session_id. Verify the server does NOT + * echo it in the ServerHello. */ + XMEMSET(&test_ctx, 0, sizeof(test_ctx)); + ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, + wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0); + ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS); + /* Use traditional groups to avoid HRR from key share mismatch */ + ExpectIntEQ(wolfSSL_set_groups(ssl_c, groups, 2), WOLFSSL_SUCCESS); + /* Disable HRR cookie so the server directly sends a ServerHello */ + ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS); + + /* Client sends ClientHello (with non-empty legacy_session_id) */ + ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); + ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); + + /* Server processes ClientHello and sends ServerHello + flight */ + ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); + ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); + + /* Verify the ServerHello on the wire. + * Layout: DTLS Record Header (13) + DTLS Handshake Header (12) + + * ProtocolVersion (2) + Random (32) = offset 59 for + * legacy_session_id_echo length byte. */ + ExpectIntGE(test_ctx.c_len, 60); + ExpectIntEQ(test_ctx.c_buff[0], handshake); + ExpectIntEQ(test_ctx.c_buff[DTLS_RECORD_HEADER_SZ], server_hello); + ExpectIntEQ(test_ctx.c_buff[DTLS_RECORD_HEADER_SZ + + DTLS_HANDSHAKE_HEADER_SZ + OPAQUE16_LEN + RAN_LEN], 0); + + /* Complete the handshake */ + ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); + + wolfSSL_SESSION_free(sess); + wolfSSL_free(ssl_c); + wolfSSL_free(ssl_s); + wolfSSL_CTX_free(ctx_c); + wolfSSL_CTX_free(ctx_s); +#endif + return EXPECT_RESULT(); +} diff --git a/tests/api/test_dtls.h b/tests/api/test_dtls.h index 3593340ab64..01f47ccda9f 100644 --- a/tests/api/test_dtls.h +++ b/tests/api/test_dtls.h @@ -52,6 +52,7 @@ int test_dtls_memio_wolfio_stateless(void); int test_dtls_mtu_fragment_headroom(void); int test_dtls_mtu_split_messages(void); int test_dtls13_min_rtx_interval(void); +int test_dtls13_no_session_id_echo(void); #define TEST_DTLS_DECLS \ TEST_DECL_GROUP("dtls", test_dtls12_basic_connection_id), \ @@ -83,5 +84,6 @@ int test_dtls13_min_rtx_interval(void); TEST_DECL_GROUP("dtls", test_dtls_mtu_fragment_headroom), \ TEST_DECL_GROUP("dtls", test_dtls_mtu_split_messages), \ TEST_DECL_GROUP("dtls", test_dtls_memio_wolfio_stateless), \ - TEST_DECL_GROUP("dtls", test_dtls13_min_rtx_interval) + TEST_DECL_GROUP("dtls", test_dtls13_min_rtx_interval), \ + TEST_DECL_GROUP("dtls", test_dtls13_no_session_id_echo) #endif /* TESTS_API_DTLS_H */ diff --git a/tests/utils.c b/tests/utils.c index e9162b11972..a6d37b89d50 100644 --- a/tests/utils.c +++ b/tests/utils.c @@ -80,12 +80,12 @@ int test_memio_write_cb(WOLFSSL *ssl, char *data, int sz, void *ctx) #ifdef WOLFSSL_DUMP_MEMIO_STREAM { char dump_file_name[64]; - WOLFSSL_BIO *dump_file; + XFILE dump_file; sprintf(dump_file_name, "%s/%s.dump", tmpDirName, currentTestName); - dump_file = wolfSSL_BIO_new_file(dump_file_name, "a"); - if (dump_file != NULL) { - (void)wolfSSL_BIO_write(dump_file, data, sz); - wolfSSL_BIO_free(dump_file); + dump_file = XFOPEN(dump_file_name, "ab"); + if (dump_file != XBADFILE) { + (void)XFWRITE(data, 1, (size_t)sz, dump_file); + XFCLOSE(dump_file); } } #endif diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 46403880129..755aa94358e 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -22732,55 +22732,74 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t decodedCertCache_test(void) #endif /* defined(WOLFSSL_CERT_GEN_CACHE) && defined(WOLFSSL_TEST_CERT) && defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) */ -#define RSA_TEST_BYTES 512 /* up to 4096-bit key */ +#define RSA_TEST_BYTES (RSA_MAX_SIZE / 8) #if !defined(NO_ASN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \ !defined(WOLFSSL_RSA_VERIFY_ONLY) static wc_test_ret_t rsa_flatten_test(RsaKey* key) { wc_test_ret_t ret; +#if !defined(WOLFSSL_NO_MALLOC) + byte* e = NULL; + byte* n = NULL; +#else byte e[RSA_TEST_BYTES]; byte n[RSA_TEST_BYTES]; - word32 eSz = sizeof(e); - word32 nSz = sizeof(n); +#endif + word32 eSz = RSA_TEST_BYTES; + word32 nSz = RSA_TEST_BYTES; + +#if !defined(WOLFSSL_NO_MALLOC) + e = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + n = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + if (e == NULL || n == NULL) + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa_flatten); +#endif /* Parameter Validation testing. */ ret = wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten); ret = wc_RsaFlattenPublicKey(key, NULL, &eSz, n, &nSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten); ret = wc_RsaFlattenPublicKey(key, e, NULL, n, &nSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten); ret = wc_RsaFlattenPublicKey(key, e, &eSz, NULL, &nSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten); ret = wc_RsaFlattenPublicKey(key, e, &eSz, n, NULL); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten); ret = wc_RsaFlattenPublicKey(key, e, &eSz, n, &nSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten); eSz = 0; ret = wc_RsaFlattenPublicKey(key, e, &eSz, n, &nSz); if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten); - eSz = sizeof(e); + eSz = RSA_TEST_BYTES; nSz = 0; ret = wc_RsaFlattenPublicKey(key, e, &eSz, n, &nSz); if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten); - return 0; + ret = 0; + +exit_rsa_flatten: +#if !defined(WOLFSSL_NO_MALLOC) + XFREE(e, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(n, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; } #endif /* NO_ASN */ @@ -22789,75 +22808,100 @@ static wc_test_ret_t rsa_flatten_test(RsaKey* key) static wc_test_ret_t rsa_export_key_test(RsaKey* key) { wc_test_ret_t ret; - byte e[3]; + byte e[3]; word32 eSz = sizeof(e); - byte n[RSA_TEST_BYTES]; - word32 nSz = sizeof(n); - byte d[RSA_TEST_BYTES]; - word32 dSz = sizeof(d); - byte p[RSA_TEST_BYTES/2]; - word32 pSz = sizeof(p); - byte q[RSA_TEST_BYTES/2]; - word32 qSz = sizeof(q); +#if !defined(WOLFSSL_NO_MALLOC) + byte* n = NULL; + byte* d = NULL; + byte* p = NULL; + byte* q = NULL; +#else + byte n[RSA_TEST_BYTES]; + byte d[RSA_TEST_BYTES]; + byte p[RSA_TEST_BYTES/2]; + byte q[RSA_TEST_BYTES/2]; +#endif + word32 nSz = RSA_TEST_BYTES; + word32 dSz = RSA_TEST_BYTES; + word32 pSz = RSA_TEST_BYTES/2; + word32 qSz = RSA_TEST_BYTES/2; word32 zero = 0; +#if !defined(WOLFSSL_NO_MALLOC) + n = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + d = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + p = (byte*)XMALLOC(RSA_TEST_BYTES/2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + q = (byte*)XMALLOC(RSA_TEST_BYTES/2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + if (n == NULL || d == NULL || p == NULL || q == NULL) + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa_export); +#endif + ret = wc_RsaExportKey(NULL, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, NULL, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, NULL, n, &nSz, d, &dSz, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, NULL, &nSz, d, &dSz, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, NULL, d, &dSz, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, NULL, &dSz, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, NULL, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, NULL, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, NULL, q, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, NULL, &qSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, NULL); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &zero, n, &nSz, d, &dSz, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, &zero, d, &dSz, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); #ifndef WOLFSSL_RSA_PUBLIC_ONLY ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &zero, p, &pSz, q, &qSz); if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &zero, q, &qSz); if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &zero); if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &qSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export); - return 0; + ret = 0; + +exit_rsa_export: +#if !defined(WOLFSSL_NO_MALLOC) + XFREE(n, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(d, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(p, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(q, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; } #endif /* !HAVE_FIPS && !NO_ASN && !WOLFSSL_RSA_VERIFY_ONLY */ @@ -22884,41 +22928,51 @@ static wc_test_ret_t rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG 0xa6, 0x58, 0x0a, 0x33, 0x0b, 0x84, 0x5f, 0x5f }; word32 inLen = (word32)XSTRLEN((char*)in); +#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY) + word32 outSz = RSA_TEST_BYTES; +#endif +#if !defined(WOLFSSL_NO_MALLOC) + byte* out = NULL; + out = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + if (out == NULL) + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa_sig); +#else byte out[RSA_TEST_BYTES]; +#endif /* Parameter Validation testing. */ ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_NONE, key, keyLen); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_RSA, key, 0); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); sigSz = (word32)modLen; ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, NULL, inLen, out, &sigSz, key, keyLen, rng); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, 0, out, &sigSz, key, keyLen, rng); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, NULL, &sigSz, key, keyLen, rng); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, NULL, key, keyLen, rng); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, &sigSz, NULL, keyLen, rng); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, &sigSz, key, 0, rng); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, &sigSz, key, keyLen, NULL); #if defined(WOLFSSL_AFALG_XILINX_RSA) || defined(WOLFSSL_XILINX_CRYPT) @@ -22942,112 +22996,119 @@ static wc_test_ret_t rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG #else if (ret != WC_NO_ERR_TRACE(MISSING_RNG_E)) #endif - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); sigSz = 0; ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, &sigSz, key, keyLen, rng); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, NULL, inLen, out, (word32)modLen, key, keyLen); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, 0, out, (word32)modLen, key, keyLen); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, NULL, (word32)modLen, key, keyLen); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, 0, key, keyLen); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, (word32)modLen, NULL, keyLen); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, (word32)modLen, key, 0); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); #ifndef HAVE_ECC ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_ECC, key, keyLen); if (ret != WC_NO_ERR_TRACE(SIG_TYPE_E)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); #endif #if defined(WOLF_CRYPTO_CB_ONLY_RSA) - return 0; + ret = 0; + goto exit_rsa_sig; #endif /* Use APIs. */ ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_RSA, key, keyLen); if (ret != modLen) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_RSA_W_ENC, key, keyLen); if (ret != modLen) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); sigSz = (word32)ret; #if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY) - XMEMSET(out, 0, sizeof(out)); + XMEMSET(out, 0, outSz); ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, &sigSz, key, keyLen, rng); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, (word32)modLen, key, keyLen); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); - sigSz = (word32)sizeof(out); + sigSz = outSz; ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA_W_ENC, in, inLen, out, &sigSz, key, keyLen, rng); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA_W_ENC, in, inLen, out, (word32)modLen, key, keyLen); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); /* Wrong signature type. */ ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in, inLen, out, (word32)modLen, key, keyLen); if (ret == 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); /* check hash functions */ - sigSz = (word32)sizeof(out); + sigSz = outSz; ret = wc_SignatureGenerateHash(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, hash, (int)sizeof(hash), out, &sigSz, key, keyLen, rng); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerifyHash(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, hash, (int)sizeof(hash), out, (word32)modLen, key, keyLen); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); - sigSz = (word32)sizeof(out); + sigSz = outSz; ret = wc_SignatureGenerateHash(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA_W_ENC, hashEnc, (int)sizeof(hashEnc), out, &sigSz, key, keyLen, rng); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); ret = wc_SignatureVerifyHash(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA_W_ENC, hashEnc, (int)sizeof(hashEnc), out, (word32)modLen, key, keyLen); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig); #else (void)hash; (void)hashEnc; #endif /* !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */ - return 0; + ret = 0; + +exit_rsa_sig: +#if !defined(WOLFSSL_NO_MALLOC) + XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; } #endif /* !NO_SIG_WRAPPER && !NO_SHA256 */ @@ -64286,7 +64347,11 @@ static wc_test_ret_t rsa_onlycb_test(myCryptoDevCtx *ctx) word32 sigSz; WOLFSSL_SMALL_STACK_STATIC const byte in[] = TEST_STRING; +#if !defined(WOLFSSL_NO_MALLOC) + byte* out = NULL; +#else byte out[RSA_TEST_BYTES]; +#endif #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ !defined(USE_CERT_BUFFERS_3072) && !defined(USE_CERT_BUFFERS_4096) && \ @@ -64324,6 +64389,11 @@ static wc_test_ret_t rsa_onlycb_test(myCryptoDevCtx *ctx) if (tmp == NULL) ERROR_OUT(WC_TEST_RET_ENC_ERRNO, exit_onlycb); #endif +#if !defined(WOLFSSL_NO_MALLOC) + out = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + if (out == NULL) + ERROR_OUT(WC_TEST_RET_ENC_ERRNO, exit_onlycb); +#endif #ifdef USE_CERT_BUFFERS_1024 XMEMCPY(tmp, client_key_der_1024, (size_t)sizeof_client_key_der_1024); @@ -64417,6 +64487,9 @@ static wc_test_ret_t rsa_onlycb_test(myCryptoDevCtx *ctx) #else wc_FreeRsaKey(key); #endif +#if !defined(WOLFSSL_NO_MALLOC) + XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); +#endif #endif return ret; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 216b75bde1c..bc57dde7a25 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -4692,10 +4692,7 @@ struct WOLFSSL_SESSION { #if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA) WOLFSSL_X509* peer; /* peer cert */ #endif -#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \ - defined(HAVE_SESSION_TICKET)) ProtocolVersion version; /* which version was used */ -#endif #if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \ (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) byte cipherSuite0; /* first byte, normally 0 */